Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the id parameter, as demonstrated by injecting a Perl CGI script using "[NR]" sequences in the message parameter, then calling close.php with modified id and t_id parameters to chmod the script. NOTE: this issue might be resultant from dynamic variable evaluation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ultimate PHP Board newpost.php 目录遍历漏洞
Vulnerability Description
Ultimate PHP Board (UPB) 中的newpost.php 存在目录遍历漏洞。 远程攻击者可以借助 id 参数中的..(点点)序列和尾随的空(%00) 字节,重写任意文件。比如使用message参数中的 "[NR]"序列注入Perl CGI脚本,然后再调用id和t_id参数经过修改的close.php来 chmod脚本。注意: 此问题可能由动态变量评价所致。
CVSS Information
N/A
Vulnerability Type
N/A